added version, severity and requiredDataConnectors

Hunting Queries/SecurityEvent/ADFSDBLocalSqlStatements.yaml

@@ -7,6 +7,8 @@ description: |
   Reference: https://github.com/Azure/SimuLand/blob/main/3_simulate_detect/credential-access/exportADFSTokenSigningCertificate.md
   Reference: https://o365blog.com/post/adfs/
   '
+severity: Medium
+requiredDataConnectors: []
 tactics:
   - Collection
 relevantTechniques:
@@ -22,3 +24,13 @@ query: |
   | extend session_server_principal_name = extract("session_server_principal_name:([\\S]+)", 1, RenderedDescription)
   | extend server_principal_name = extract("session_server_principal_name:([\\S]+)", 1, RenderedDescription)
   | extend HostCustomEntity = Computer, AccountCustomEntity = split(server_principal_name, '\\')[1]
+entityMappings:
+  - entityType: Account
+    fieldMappings:
+      - identifier: FullName
+        columnName: AccountCustomEntity
+  - entityType: Host
+    fieldMappings:
+      - identifier: FullName
+        columnName: HostCustomEntity
+version: 1.0.0